This will remove the db connection check, which has caused some trouble in the past.
It will now simply run _gitea migrate_ and output a message, if the database is not available.
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/299
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
- Drop super legacy `image.version` value (see #92 description)
- Always use `appVersion` from Chart.yaml as image tag if non specified
---
Don't know whether this is a breaking change regarding image.version
drop.
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/250
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
⚠️ Breaking
Moved the values to enable the dependencies into the dependencies itself, this way we don't need a seperate field in the values and it is more obvious how to enable for example postgresql.
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/268
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
With the result of PR #239 it is much easier to provide additional values to the _app.ini_ configuration from different sources.
These changes adds an _additionalConfigSources_ field where the users can define such sources. This enables the users to choose
on their own whether to store values in _values.yaml_ or load them from Kuberetes Secrets or ConfigMaps.
- Fixes#243
- Fixes#174
- Fixes#260
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/240
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
As this key must not exist anymore, we don't have to check it.
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/267
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
This change request includes two different things to improve OAuth source handling:
- Allow multiple OAuth source configuration (Fixes: #191)
- Support reading sensitive OAuth configuration data from Kubernetes secrets (Closes: #242)
⚠️ BREAKING ⚠️
---
Users need to migrate their `gitea.oauth` configuration.
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/244
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Add multiple add sources.
Instead of a single entry for ldap configuration we now would have a dictionary for ldap config.
This would be a breaking change for those working with the ldap config.
fixes: #190
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/222
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
Currently there are two different styles for defining both ldap and oauth configuration in _values.yaml_ file: `camelCase` and `kebab-case`.
Supporting both styles created multiple regressions in the past.
⚠️ BREAKING ⚠️
---------------
These changes completely remove any support for `kebab-case` notation in _values.yaml_ in favor of `camelCase`. Configuration keys must use `camelCase`.
Only exception are Kubernetes resource keys for annotations or labels.
Fixes: #188
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/196
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
These changes rewrite the init script to be error aware, informative and have a bit more security awareness.
During rewrite several hidden bugs could be identified and fixed, such as:
- LDAP configuration options interpreted by the shell before passed to command
- Finding multiple ldap ids instead of one during lookup when their names are almost identical
e.g. `_my-ldap-auth` and `my-ldap-auth`
- Properly filter auth sources by their types to prevent unintended type converting attempts that fail
In addition to that the script is a bit cleaner. Some commands do not exist anymore and would cause false-positive errors during script execution.
Helps for: #149
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/178
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
This fixes several flaws introduced by commits for #169 (see c49dc047a4).
- Respect kebab-case ldap bind inline definition
- Prevent camelCase ldap bind inline definition from being overridden by empty string
- Create admin account when `existingSecret` is used
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/183
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Allow admin user and password to be configured via existing secrets
Allow LDAP bindDn and bindPassword to be configured via existing secrets
Update Readme
Fixes: #169
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/170
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
This PR includes the changes from:
- https://gitea.com/gitea/helm-chart/pulls/129
- https://gitea.com/gitea/helm-chart/pulls/140
In addition it adds the possibility to include secrets via environment variables as mentioned in #60
Co-authored-by: Hans Kristian Flaatten <hans.flaatten@evry.com>
Co-authored-by: flavio.prado <flavio.prado@noreply.gitea.io>
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/148
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
There are currently 2 issues that prevent using this chart to deploy gitea with a SQLite3 database.
1) The value from *gitea.config.database.HOST* is used to set *db.servicename* when all the databases under *gitea.database.buildIn* are not enabled. This causes a type error during the template processing:
`Error: UPGRADE FAILED: template: gitea/templates/gitea/init.yaml:24:20: executing "gitea/templates/gitea/init.yaml" at <include "db.servicename" .>: error calling include: template: gitea/templates/_helpers.tpl:64:31: executing "db.servicename" at <.Values.gitea.config.database.HOST>: wrong type for value; expected string; got interface {}`
2) In *init_gitea.sh*, we use the value *db.servicename* and *db.port* to ping the database. If this database responds to ping, we proceed with the init. The problem here is that *db.port* is not set when all the databases under *gitea.database.buildIn* are disabled. In turn, this raises an error from busybox's *nc*, because no parameter is passed for *PORT*. This causes the init container to go in *CrashLoopBackOff* forever.
The simple fix that is proposed in this PR is to check wether or not *.Values.gitea.config.database.DB_TYPE* is set to determine the value *db.servicename*. If *DB_TYPE* is *'sqlite3'*, leave *db.servicename* empty and use that to bypass the database ping.
Co-authored-by: Baptiste Covolato <b.covolato@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/124
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: lafriks <lafriks@noreply.gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: Nakrez <nakrez@noreply.gitea.io>
Co-committed-by: Nakrez <nakrez@noreply.gitea.io>
I opened up the OAuth2 authentication option. I needed this feature, and it is available in the gitea cli. So I opened it up for configuration through this pull request.
Hope it can help others.
Co-authored-by: Marc Went <marc.went+git@redkubes.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/123
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: lafriks <lafriks@noreply.gitea.io>
Co-authored-by: Dunky13 <dunky13@noreply.gitea.io>
Co-committed-by: Dunky13 <dunky13@noreply.gitea.io>
This pull request adds the `app` and `version` labels that are used by Istio.
> Pods with app and version labels: We recommend adding an explicit app label and version label to the specification of the pods deployed using a Kubernetes Deployment. The app and version labels add contextual information to the metrics and telemetry that Istio collects.
>
> * The app label: Each deployment should have a distinct app label with a meaningful value. The app label is used to add contextual information in distributed tracing.
>
> * The version label: This label indicates the version of the application corresponding to the particular deployment.
From https://istio.io/latest/docs/ops/deployment/requirements/#pod-requirements
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/121
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: lafriks <lafriks@noreply.gitea.io>
Co-authored-by: Starefossen <starefossen@noreply.gitea.io>
Co-committed-by: Starefossen <starefossen@noreply.gitea.io>
Improve ldap settings with helper function
Allow clusterIP for http service to be set, default to None
Use imagePullSecrets in statefulset now
Update default values
Update README
Bump Chart version
Co-authored-by: luhahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/87
Reviewed-by: lafriks <lafriks@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-Authored-By: luhahn <luhahn@noreply.gitea.io>
Co-Committed-By: luhahn <luhahn@noreply.gitea.io>
Upgrade mariadb Helm chart to 8.0.0
The names of the values changed in the new Helm chart, see [1]. Thus the
Helm chart ships breaking changes and therefore bump the major version
of this Chart.yaml (not sure if you use semver?)
Furthermore, there is a bug [2] where not setting the root password
results in the mariadb entering a CrashLoopBackOff when re-installing
it. Thus set it (as done in the mysql values already).
[1] 1206942b69
[2] https://github.com/bitnami/charts/issues/3884
Co-authored-by: Andre Schröder <andre.schroedr@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/48
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-Authored-By: schra <schra@noreply.gitea.io>
Co-Committed-By: schra <schra@noreply.gitea.io>
Update dependencies
- Update Postgres version from 8.6.4 to 9.7.3
- Update Mysql version from 6.14.8 to 6.14.10
- Add MariaDB as built in dependency
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/33
Reviewed-by: Jonas Franz <jonasfranz@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Bump chart version
Update README.md with example for DB
Fix external host check for Databases
Fix condition for memcached in Chart.yaml
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/18
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
Fix ssh port settings
Remove blank line from LICENSE file
add check for admin user
set PROTOCOL default to http
Add Konrad Lother as Maintainer
Update readme with generic values
make app.ini generic
- app.ini is now configurable via dictionary in values.yaml
- database and server configuration is autogenerated if not defined
- http and ssh services now use gitea config settings for targetPort
- add default security value INSTALL_LOCK = true
- clean up builtin cache settings
bump gitea version
Add values and Remove vscode TOC comments
- values enablePushCreateOrg and enablePushCreateUser have been added to repository settings
fix naming order of license and maintainers
Multiple improvements for the chart:
- add terminationGracePeriodSeconds to shutdown the statefulset gracefully on error
- add guard for loadbalancer settings in ssh service
- use mysql from bitnami, since they update the version much more frequent (old mysql only uses mysql ~6)
- init container now also provisions mysql and external database correctly
Fix PVC mounting issues for longhorn storageClass
Add examples to readme
Fix port setting for ssh
Fix and operator for newer helm versions
update values to support most configuration gitea offers
Replace Readme
update license file
Update helpers with dependencies, update NOTES.txt
update Chart.yaml with dependencies
Requirements.yaml removed, since this is deprecated and moved to Chart.yaml
Remove now unused dependencies and deployments
- init is no longer used since databases are initialized
on original charts and managed with dependency
- ingress.yaml moved to templates/gitea
- deployment.yaml no longer used and replaced with templates/gitea/statefulset.yaml
- memcached also handled with helm dependency and initialized in original chart
Add initial test for gitea helm chart
Rework templates for helm chart.
- app.ini configurable via config
- admin user and ldap settings configurable via config
- using statefulset to handle pvc
- update helpers for new dependencies
remove helm build artifacts since they are not needed in this repository
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Co-authored-by: Konrad Lother <konrad.lother@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/7
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
